[Feature/Identity] Identity use cases

[peternied]

Description

Adding details uses cases for identity, this is going to get long!

Check List

• New functionality includes testing.
  • All tests pass
• New functionality has been documented.
  • New functionality has javadoc added
• Commits are signed per the DCO using --signoff
• Commit changes are listed out in CHANGELOG.md file (See: Changelog)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: FAILURE ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/7885/
• CommitID: a841a56
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: FAILURE ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/7886/
• CommitID: 3916136
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[DarshitChanpura]

These initial scenarios look good. As a follow-up we an add tests that support/validate these scenarios. Great stuff hashing these out @peternied !

[DarshitChanpura]

Should we support this?. If so, for unauthenticated request, it should return 403, correct?

[peternied]

There should be some way of identifying who the current user is, and this is more/less what is already in OpenSearch. I think we can dive in on the behavior for other scenarios as well as additional use cases

[DarshitChanpura]

User should be able to edit their password. Should we add a scenario for password-recovery?

[peternied]

PUT /identity/user/{username}/password would work for any username if you had permission, would this cover your recovery scenario?

[stephen-crawford]

Do you want this to be the same level bold as the "Identity features enabled" and "Non-use compatibility" headers? Do you think it should be one level smaller to indicate that it is under the "Identity features enabled" group?

[peternied]

I think this works, but maybe it would make sense to have even more layers of depth. Would you want to re-write with an alternative layout? I'd be happy to accept a pull request

[stephen-crawford]

I think that if you believe it is good as is, then it is just fine. I was more asking a question to see what you thought then expressing a major opinion one way or the other.

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: FAILURE ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/8069/
• CommitID: afe7fb9
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[stephen-crawford]

I think the new changes are beneficial for both the more precise wording and also consistency with the rest of OpenSearch documentation.

[cwperks]

Will this document be updated with authorization use-cases in a future iteration?

[DarshitChanpura]

ty @peternied !

[stephen-crawford]

Looks great!

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: TIMEOUT ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/9305/
• CommitID: 1906092
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?